PingOne Solution Packs

Healthcare - Registration with Threat Detection and ID Verification - Main Flow

The Healthcare - Registration with Threat Detection and ID Verification - Main Flow serves as the primary flow, letting users register an account after performing threat detection and ID verification.

Purpose

The Healthcare - Registration with Threat Detection and ID Verification - Main Flow presents users with options to register an account. It uses the Healthcare - Account Registration - Subflow to register the user if the user opts to create an account. If the user selects social login, it uses the Healthcare - Agreement (ToS) - Subflow to verify that the user has agreed to the terms of service and the Healthcare - Verify Email - Subflow if the user needs to verify their email address.

Structure

This flow is divided into sections using teleport nodes:

Flow Configuration

Uses multiple function nodes to save the variable and parameter values so that the correct values are available in the flow and in subflows. The flow then progresses to the Sign Up Page & Call Account Registration Sub-Flow section.

Sign Up Page & Call Account Registration Sub-Flow

Presents the user with a passwordless sign-up page, then branches based on the user’s selection:

  • If the user clicked Register, the Healthcare - Account Registration - Subflow is invoked. If the subflow completed successfully, a function node checks if the user logged in using social IdP:

    • If the user used social IdP, a hidden HTML node enables css files disabled during social login, and the flow progresses to the Call Check Agreement and Email verification Sub-Flow section.

    • If the user did not use social IdP, a PingOne node sends an email notifying the user of the account creation, and the flow progresses to the Return Success section.

  • If the user selected a social IdP option, a hidden HTML node enables css files disabled during social login, and the flow progresses to the Call Check Agreement and Email verification Sub-Flow section.

Call Check Agreement and Email verification Sub-Flow

Invokes the Healthcare - Agreement (ToS) - Subflow. When the subflow completes, uses a PingOne node to look up the user. If email verification is required, invokes the Healthcare - Verify Email - Subflow subflow.

The flow then progresses to the Handle Remember Me if Applicable section.

Handle Remember Me if Applicable

Uses a function node to check if the remember me option is checked. If so, a function node adds rememberMe to the authentication methods.

The flow then progresses to the Return Success section.

Return Success

Displays a success message, then branches based on the invocation method:

  • If the flow was invoked with the widget, uses a PingOne node to find the user, then sends a success JSON response, indicating that the flow completed successfully.

  • If the flow was not invoked with the widget, sends a success JSON response, indicating that the flow completed successfully.

Simultaneously, uses a function node to check if the risk evaluation ID is present, and uses a PingOne Protect node to update the user’s risk evaluation if a risk evaluation ID is present.

Return Error

Uses a function node to enrich the error details, displays an error message, then sends an error JSON response indicating that the flow completed unsuccessfully.

Simultaneously, uses a function node to check if the risk evaluation ID is present, and uses a PingOne Protect node to update the user’s risk evaluation if a risk evaluation ID is present.

Input schema

This flow has the following inputs:

Input name Required Description

flowParameters

No

An object containing any parameters passed in by the flow invocation.

Output schema

This flow has the following outputs:

Output name Description

p1UserId

The user’s PingOne user ID.

p1Username

The user’s PingOne user name.

successMessage

The success message to display.

errorMessage

The error message to display.

Variables and parameters

This flow uses the following variable or parameter values:

Variable name Description

flowCompanyLogo

The URL for your company logo.

p1MFAPolicyId

The ID of the PingOne MFA policy to use in the flow.

p1AgreementId

The ID of the agreement to present to users.

p1RiskPolicyIdAuthn

The PingOne risk policy ID to use for authentication.

p1RiskPolicyIdAR

The PingOne risk policy ID to use for account recovery.

p1RiskPolicyIdReg

The PingOne risk policy ID to use for registration.

protectRiskEvalId

The risk ID of the current user as used by PingOne Protect.

authmethod

The authentication method used by the user.

p1VerifyPolicyIdReg

The PingOne Verify policy ID to use for registration.

digitalWalletApplicationId

The ID of the digital wallet to use.

verifiedIdentityCredentialTypeId

The credential type ID for the user.

credentialType

The credential type used by the user.

ciam_appleEnabled

Indicates whether authentication through Apple is enabled in your environment.

ciam_facebookEnabled

Indicates whether authentication through Facebook is enabled in your environment.

ciam_googleEnabled

Indicates whether authentication through Google is enabled in your environment.

flowProtectAnalysisRequired

Indicates whether a PingOne Protect analysis must be performed for all users.

ciam_magicLinkEnabled

Indicates whether magic link authentication is enabled.

ciam_agreementEnabled

Indicates whether the agreement is required.

ciam_protectAnalysisRequired

Indicates whether PingOne Protect analysis is required.

ciam_logoUrl

The URL for your company logo.

This value is used only when the flow is launched with a redirect.

ciam_companyName

Displays the name of your company.

This value is used only when the flow is launched with a redirect.

ciam_logoStyle

The HTML style to use for your company logo.

This value is used only when the flow is launched with a redirect.

flowMethod

The method used to launch the flow.